Skip to content

Commit 5e84cc5

Browse files
committed
Add missing check for encrypted name id in non encrypted assertions
1 parent 748293e commit 5e84cc5

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

src/Saml2/Response.php

+1
Original file line numberDiff line numberDiff line change
@@ -234,6 +234,7 @@ public function isValid($requestId = null)
234234
);
235235
}
236236

237+
$this->encryptedNameId = $this->encryptedNameId || $this->_queryAssertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData')->length > 0;
237238
if (!$this->encryptedNameId && $security['wantNameIdEncrypted']) {
238239
throw new ValidationError(
239240
"The NameID of the Response is not encrypted and the SP requires it",

0 commit comments

Comments
 (0)